
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<link href="moddweb.css" rel="stylesheet" type="text/css">
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title>MoDD Web Account Sign-Up</title>

<script type="text/javascript">

<!-- Begin
function doValidate() {
	
	var invalid = " "; // Invalid character is a space
	var minLength = 6; // Minimum length
	var firstname = document.myForm.firstname.value;
	var lastname = document.myForm.lastname.value;
	var username = document.myForm.username.value;
	var email    = document.myForm.email.value;
	var password = document.myForm.password.value;
	var regkey   = document.myForm.regkey.value;
	
	// check for a value in both fields.
	if (firstname == '' || lastname == '' || username == '' || email == '' ||
	password == '' || regkey == '') {	
		alert('All fields are required. Please enter a value for each field.');
		return false;
	}

	else {
		return true;
	}

}
// END -->

</script>

</head>

<?php

$REF_regkey = "MODDWEB_1_2007";

$firstname = $_POST["firstname"];
$lastname  = $_POST["lastname"];
$username  = $_POST["username"];
$password  = $_POST["password"];
$email     = $_POST["email"];

$regkey    = $_POST["regkey"];

$self   = $_SERVER['PHP_SELF'];

$err_string = "";

include_once("db_login.php");
$cnx = connect_to_db();
if (!$cnx) {
	die("Couldn't connect to database: " . mysql_error());
}


if ($username != NULL) {

	// they are trying to create an account .... 
	
	// check to make sure they didn't leave anything blank? This should be done with
	// JavaScript

	// CHECK if they have entered the correct registration key
	if (strcmp($regkey,$REF_regkey) != 0) {
		$err_string = "<font color=\"red\"><b>Error:</b> You have entered an incorrect registration
		key. Please enter the correct key, or contact the researchers for more information. </font>
		<br /><br />";
		show_form();
		exit();
		
	}
	

	//CHECK to see if the username is already taken
	$query_res = $cnx->query("SELECT COUNT(*) FROM user WHERE username = \"$username\"");
	$uname_array = $query_res->fetchRow();
	$uname_count = $uname_array[0];


	if ($uname_count != 0) {
		$err_string = "<font color=\"red\"><b>Error:</b> Username \"$username\" is already taken." .
 					  "Please try again</font><br /><br />";
					  
		$username = "";
		// here you should re-render the form with everything still in it		
		show_form();
		exit();
	}


	//they picked a novel user name - put it in the database!
	
	$query_str = "INSERT INTO user (user_id, username, email, password, " . 
				"firstname, lastname, last_log_time, permission) " .
				" VALUES (NULL, \"$username\", \"$email\", \"$password\", \"$firstname\", \"$lastname\", " .
				" 0, \"U\")";
		
	$query_res = $cnx->query($query_str);
	if (DB::isError($query_res)) {
		die ("ERROR executing insert query: " . DB::errorMessage($query_res));
	}
					
	$query_res = $cnx->query("SELECT MAX(user_id) FROM user");
	$entry = $query_res->fetchRow();
	
//	render_header();
	echo("<body>");
	echo("<h3>Thanks, " . $username . "!</h3>");
	echo("<p>You have successfully created an account.</p>");
	echo("<p>You can now start using your phone to upload samples to your account! To see your 
	samples, you'll need your username and password to <a href=\"login_form.php\">log in</a> 
	to the MoDDWeb site.</p>");
	render_end();

}

else {
	show_form();
}


function show_form() {
//	render_header();
	render_start();
	render_form();
	render_end();
}

function render_start() {
	echo ('<body>

		<h2> Welcome to MoDD </h2>
		<p> Please fill in all the fields to sign up for an account.</p>
		');
}

function render_end() {
	echo ('</body></html>');

}

function render_form() {

	/*
	$query_res = mysql_query("SELECT user_id,firstname,lastname FROM user");
	
	$reg_users = array();
	
	while ($row = mysql_fetch_array($query_res, MYSQL_ASSOC)) {
		//echo $row["firstname"];
		$reg_users[$row["user_id"]] = $row["firstname"] . " " . $row["lastname"];
	
	}
	*/
	
	global $err_string, $firstname, $lastname, $username, $password, $email;
	echo $err_string;
	
	
	// Don't need this code here - this is for if you want to include all users
	// name in a list - NOT a good idea :)
	/*
	echo('<form action="' . $self . '" method="POST">
	<label>Enter username: </label>
	<SELECT NAME="user">
	<option VALUE="none"></option>');
	foreach ($reg_users as $key => $value) {
		echo('<OPTION VALUE="' . $key . '">' . $value . "</option>");
	}
	echo ("</SELECT>");
	*/
	
	echo ('<form name="myForm" action="' . $self . '" method="POST" onSubmit="return doValidate();">');
	echo ("<table>");
	
	echo ('<tr><td>');
	echo ("<label>First name: </label></td>");
	echo ("<td><input type=\"text\" name=\"firstname\" size=\"20\" value=\"$firstname\"/> </td>");
	echo ("</tr>");
	
	echo ('<tr><td>');
	echo ("<label>Last name: </label></td>");
	echo ("<td><input type=\"text\" name=\"lastname\" size=\"20\" value=\"$lastname\"/> </td>");
	echo ("</tr>");
	
	echo ('<tr><td>');
	echo ("<label>Email address: </label></td>");
	echo ("<td><input type=\"text\" name=\"email\" size=\"30\" value=\"$email\"/> </td>");
	echo ("</tr>");
	
	echo("<tr><td><label>Username: </label>
		</td><td>
		<input type=\"text\" name=\"username\" size=\"20\" value=\"$username\"	 />
		</td></tr>");
	echo ("</tr>");
	
	echo ('<tr><td>');
	echo ("<label>Password: </label></td>");
	echo ("<td><input type=\"password\" name=\"password\" size=\"20\" value=\"$password\"/> </td>");
	echo ("</tr>");

	echo ('<tr><td>');
	echo ("<label>Registration key: </label></td>");
	echo ("<td><input type=\"text\" name=\"regkey\" size=\"20\" value=\"$regkey\"/> </td>");
	echo ("</tr>");

	
	echo ("<tr><td><input type=\"submit\" value=\"Create account\" /></td></tr></table>
		  </form>
		  ");
}

?>


</body>
</html>

